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In an information delivery system, a security 
device (SD) manages an access to information (INF). 
The security device (SD) is cap^le of providing a 
pointer (PO) which indicates a location (LO) from which 
additional data (ADA) may be obtained. The additional 
data (ADA) may be a description of the information 
(INF) which is offered. For example, in a pay TV system, 
the infonnation (INF) may be a paiticular movie of which 
the description is *'James Bond. Dr. No. action category. 
12 years and older, broadcast April 19. at 20h30." In that 
case, the pointer (PO) may be used to infonn a subscriber 
dxat his security device (SD) allows him to watch this 
particular movie. However, the additional data (ADA) 
contained in the location (LO) indicated by the pointer 
(PO), may also be s<rfitware for various purposes such 
as, for example, playing games or configuring a receiver 
(REC) which co-operates witfi the security device (SD). 
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1 

Security device managed access to information. 



The invention relates to management of access to information by means of 
a security device. The information may be provided in a scrambled form. In that case, the 
security device may allow or may not allow descrambling depending on whether or not it 
contains data objects which represent an entitlement to access the information. 

5 

US-A 5,235,415 describes an arrangement for allowing fee paying 
subscribers to access TV or radio programs. Data describing the program fees and the 
account status is contained in a subscriber held security processor such as a smart card. The 
arrangement includes a keyboard for requesting messages concerning the programs. As a 

10 function of the content of the requests, a module converts the data contained in the security 
processor into intelligible messages by using transcoding tables transmitted regularly within 
the television and/or radio signals. 

The invention seeks, inter alia, to provide management of access to 
information by means of a security device which, with respect to the background art, allows 

15 greater flexibility. Claims 1, 5, 6 and 7 define a security device, a receiver, a data stream, a 
method of operating an information ddivery access system, respectively, in accordance with 
the invention. Additional features, which may be optionally used to implement the invention 
to advantage, are defined in the dependent claims. 

The invention takes the following aspects into consideration. An 

20 information provider may want to provide his subscribers with a new type of security device 
at a certain point in time. In practice, it will not be feasible to make all subscribers change 
their old security device for the new one at the exactly same moment. Thus, there will be a 
transitional period in which the both the old security device and the new security device may 
be used. 

25 In the background art, certain practical problems will arise if, in the new 

security device, a new code and/or format is used for the data which is contained therein. 
For example, the information provider will have to transmit two different types of 
transcoding tables, namely one transcoding table for transcribing the data in the old code into 
intelligible messages, and an another transcoding table for transcribing the data in the new 
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code. Transmission of two different types of transcoding tables requires additional 
transmission capacity, which may be difficult to find or which may even not be present at 
aU. 

In accordance with the invention, there is provided, in a security device, a 
S pointer indicating a location firom which additional data may be obtained. The additional data 
may be a description of the information which is offered. For example, in a pay TV system, 
the informaticMi may be a particular movie of which the description is "James Bond, Dr. No, 
action category, 12 year and older, broadcast April 19, at 20100." Such descriptions will be 
available in an intelligible form because information providers will want to inform the public 

10 on what they are offering to stimulate purchase. The pointer may be used to inform a 
subscriber that his security device allows fiim to watch this particular movie. Transcoding 
tables are not required for that purpose. Consequently, the inventions allows greater 
flexibility than the background ait. 

Other advantages of the invention are as follows. In contradistinction with 

IS the background art, the invention does not require a dedicated module for transcoding the 
data contained in the security device on the basis of transcoding tables. In the invention, any 
hardware and/or software for obtaining the additional information from the location indicated 
by the pointer, will be relatively simple in most cases. Moreover, such hardware and/cMr 
software may be wholly or partially used for other functions which involve data retrieval 

20 and/or data representation like, for example, an electronic program guide (EPG) function. 
Consequently, the invention also allows a relatively cost-effective implementation. 

The additional data, which may be obtained from the location indicated by 
the pointer, may be any type of data. For example, it may be software which may have or 
may not have a certain relationship with the information to which the access is controlled by 

25 means of the security device. The additional data may also be software for providing an 
interface between the security device and a device to which it may be coupled. Thus, the 
invention also allows to complement the functionality of the security device itself, as well as 
to enhance the functionality of an arrangement of which the security device may form paiL 
The invention and additional features, which may be optionally used to 

30 implement the invention to advantage, are be apparent from and will be elucidated with 
reference to the drawings described hereinafter. 



In the drawings. 

Fig. 1 is a conceptual diagram illustrating basic features of the invention; 
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Figs* 2 to 4 are conceptual diagrams illustrating additional features which 
mzy optionally be used to implement the invention to advantage; and 

Fig. 5 is a block diagram of an example of a pay TV system in 
accordance to the invention. 
S First, some remarks will be made on the use of reference signs. Similar 

entities are denoted with an identical lettercode throughout the drawings. In a single drawings 
various similar entities may be shown. In that case, a numeral is added to the lett^code, to 
distinguish similar entities from each other. The numeral will be between parentheses if the 
number of similar entities is a running parameter. In the description and the claims, any 

10 numeral in a reference sign may be omitted if this is appropriate. 

Fig. 1 illustrates bade features of the invention in some its various 
aspects, namely with regard to a security device SD, a receiver REC and a data stream DS. 
The security device SD manages an access to information INF. It is capable of providing a 
pointer PO indicating a location LO from which additional data ADA may be obtained. The 

15 receiver REC co-operates with the security device SD. It includes a circuit CON for 

retrieving the additional data ADA from the location LO by the pointer PO. The location LO 
is preferably outside the secure device SD. The information INF may be supplied to the 
receiver REC in the form of a data stream DS. In that case, the pointer PO may have been 
transmitted to the security device SD for storage therein via the data stream DS. 

20 In principle, the additional data ADA may be any kind of data. Three 

different types of additional data will be given by way of example. 

First, the additional data ADA may be a description of the information 
INF which is offered. For example, in a pay TV system, the information INF may comprise 
a particular movie of which the description is "James Bond, Dr. No, action category, 12 

25 year and older, broadcast April 19, at 20H30." The pointer PO may be used to inform the 
subscriber that his security device SD contains a data object which allows him to watch this 
movie. To this end, the pointer PO may be associated with this data object or it may even 
form a part of it, which will be discussed in greater detail hereinafter. 

Secondly, the additional data ADA may be software for providing an 

30 interface between the security device SD and the receiver REC which need to cooprnte. 
For example, the receiver REC may be a universal settop box which is capable of co- 
operating with different types of security devices belonging to, for example, different pay TV 
system operators. To this end, the settop box may be provided with a universal interface 
which needs to be configured to provide a communication link between the universal settop 
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box and a particular security device. In that case, the pointer PO may indicate a location 
which contains software for configuring the universal interface such that the security device 
and the settop box may co-operate in a desired fashion. 

Thirdly, the additional data ADA may be software for enhancing the 

S functionality at the subscriber's end. Such software may have a certain relationship with the 
information INF to which the access is controlled by the security device SD. For example, 
the additional data ADA may be software for playing a game which may relate to a certain 
program or event in a pay TV system. 

Fig. 2 illustrates the following additional feature. The pointer PO 

10 comprises at least one element LB which identifies a data stream DSl of which the additional 
data ADA forms part. The Fig. 2 feature takes the following aspects into consideration. At a 
certain moment, a subscriber may want to obtain addit:jiial data ADA associated to a certain 
data object contained in his security device SD. At tfiat moment, his receiver REC may very 
well be tuned to a data stream DS2 which is not the one of which the desired additional data 

15 ADA forms part. The Fig. 2 feature allows the receiver REC to automaticaUy tune to the 
data stream DSl which contains the desired additional data ADA in order to subsequently 
retrieve the desired additional ADA data from the data stream DSl. Thus, the Fig. 2 feature 
contributes to user-friendliness. 

Fig. 3 illustrates the following additional feature. The pointer PO 

20 comprises the following elements: 

a label LBl for identifying an information delivery system or network 

NO; 

a label LB2 for identifying an original information delivery system or 
original network ONW; 

25 a label LB3 for identifying a data stream DSl from any other data stream 

DS2 provided by the information delivery system; and 

a label LB4 for identifying a service SVl from any other service SV2 
within the data stream. A service is a coUecdon of various pieces of information offered by 
an informadon provider. For example, in a pay TV system, a collection of sports programs 

30 may be a service. 

The Fig. 3 feature allows to create a backward link from a data object in the security device 
concerning an entitlement, to service information in a data stream of the MPEG type, MPEG 
being an abbreviation for Moving Pictures Expert Group. 

Fig. 4 illustrates the following additional feature. The pointer PO forms 
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part of a data object DO contained in the security device SD. This allows efficient use of 
available data storage capacity in the security device SD and an easy access to the pointer 
PO. Nevertheless, the Fig. 4 feature may seem strange because, on the one hand, the pointer 
PO is uncoded and public whereas, on the other hand, the security of data (A>jects is essential 
5 to the inviolability of the access management. However, it is taken into consideration that 
data objects need not be coded in their entirety in order for the access management to be 
inviolable. What matters is that no one other than the relevant information provider is able to 
store data c^Tjects in the security device. To this end, a secret check code may be added to 
the pointer PO so as to form the data object. The check code may be generated on the basis 

10 of the pointer PO itself in combination with a secret key which is in the possession of the 
service provider and which is also stored in the security device. If a data object is supplied to 
the security device SD, it checks if the secret code which is added to the pointer is correct 
If so, it will store the data object, if not it will reject the data object. 

Fig. 5 illustrates an example of an pay TV system in accordance with the 

15 invention. It comprises the following main elements: an operator service centre OSC and, at 
a subscriber's end, a settop box STB, a user interface UIF, and a security device in the form 
of a smart card SC. The settop box STB includes a front-end FRE, a data filter FEL, a 
descrambler DES, a controller CON, and a memory MEM which includes EPG software. 
The settop box STB may be coupled to a picture display device, not shown in Fig. 5. 

20 The Fig. 5 system operates as follows. The operator service centre OSC 

transmits, in a scrambled form, television programs to the settop box STB by means of an 
MPEG data stream DS. The MPEG data stream DS includes entiUement messages EMM 
concerning entitlements of a subscriber, or a group of subscribers, to watch certain 
programs. The MPEG data stream DS also includes service information data SID, for 

25 example, as specified in the European Telecommunication Standard 300 468. The service 
information data SID comprises, amongst other things, descriptions of the following: the 
program providw, the programs, and the scheduling/timing of these programs. The 
description of different programs are distinguished by unique identifiers ID(1)..II>(N). 
Furthermore, the service information data SID also contains identifiers IDS to uniquely 

30 identify the MPEG data stream DS and its origin. 

At the subscriber's end, the front-end FRE is tuned to the MPEG data 
stream DS. The filter FIL extracts the service information data SID and the entitlement 
messages EMM from the MPEG data stream DS. The controller CON may process the 
service information data SID using the EPG software, so as to provide visual presentations 
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which inform the subscriber on current and future programs. The controller CON may also 
transfer the entitlement messages EMM to the smart card SC. The entitlement messages 
EMM are processed in the smart card SC so as to obtain entitlement data objects 
EDO(l)..EDO(N) which, subsequently, are stored in the smart card SC. An entitlement data 

S objects EDO may be regarded as controlling a switch which enables or disables the 

descrambler DES when a certain program is provided. Thus, access to programs depends on 
the entitlement data objects EDO contained in the smart card SC. To inform the subscriber 
whether or not he can watch a particular program, the entitlement data objects 
EDO(l)..EDO(N) also comprise pointers PO(l)..PO(N)- These pointers may have been 

10 transmitted, for example, by means of the entiaemcnt messages EMM. 

The subscriber may obtsun an overview of all programs he is entitled to 
watch, in the following manner. He may order such an overview via the user interface UIF. 
In response, the controller CON will examine the smart card SC by reading ail pointers 
PO(1)..PO(N) contained therein. Next, the controller CON will check if the front-end PRE is 

IS tuned to the de^red MPEG data stream DS on the basis of the identifiers IDS which uniquely 
identify data streams. If the front-end PRE were not tuned to the MPEG data stream DS, the 
controller CON would tune the front-end PRE in accordance with the pointers PO(l)..PO(N) 
which contain a data element indicating the desired MPEG data stream DS. Once the front- 
end PRE has been correctly tuned, the controller CON will connect the pointers 

20 PO(l)..PO(N) and the service information data SID by means of the identifiers ID(1)..ID(N) 
contained therein. Accordingly, it will read those portions of the service information data 
SID pertaining to the programs which the subscriber is entitled to watch. The EPG software 
is used to visualize those portions in the service information data SID such that the 
subscriber obtains the overview he has ordered. 

25 The drawings and their description hereinbefore, illustrate rather than 

limit the invention. Evidently, there are numerous alternatives which fall within the scope of 
the appended Claims. In that respect, the following closing remarks are made. 

There are numerous ways of physically spreading functions or functional 
elements over various units. In this req>ect, the drawings are very diagrammatic and 

30 respectively represent only one possible embodiment of the invention. As an example, with 
reference to Pig. 1, the security device SD may form an integral part of the receiver REC. 

Any type of information INF accessed by means of the secure device SD. 
For example, the information INF may be music or software. It may also be a combination 
of, for example, video, music and software. 
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Any manner may be used to make the information INF and the additional 
data ADA available to a user. For example, the information INF may be stored in a database 
which can be accessed via Internet or any other means. It may also be stored on a carrier, 
such as a CD-ROM for example, which the user may purchase or get for free. Of course, 
S the aforementioned also applies with regard to the additional data ADA. 

Any type of receiver REC may be used to co-operate with the security 
device SD. For example, the receiver REC may be a computer terminal connected to a 
network via which data can be transmitted such as, for example, a telephone network. 

Any number of elements may constitute the pointer PO. For example, 
10 with reference to the Fig. 3 feature, the pointer PO may additionaUy include a further label 
LBS which identifies a program from any other program within the service SVl. 

Any reference signs between parentheses shall not be construed as limiting 
the Claim concerned. 



1 
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Claims : 



L A security device (SD) for managing an access to information (INF), 

characterized in that the security device (SD) is arranged to provide a pointer (PO) indicating 
a location (LO) from which additional information (ADA) may be obtained. 

2. A security device (SD) as claimed in Claim 1, characterized in that the 
S pointer (PO) comprises at least one element LB which identifies a data stream (DSl) of 

which the additional data (ADA) forms part. 

3. A security device (SD) as claimed in Claim 1, characterized in that the 
pointer (PO) comprises the following data elements: 

a label (LB)1 for identifying an information delivery system or network 

10 (NW); 

a label (LB2) for identifying an original information delivery system or 
original network (ONW); 

a label (LB3) for identifying a data stream (DSl) from any other data 
stream (DS2) provided by the information delivery system; and 
15 a label (LB4) for identifying a service (SVl) from any ether service (SV2) 

within the data stream. 

4. A security device (SD) as claimed in Claim 1, characterized in that the 
pointer (PO) forms part of a data object (DO) for managing an access to the information. 

5. A receiver (REC) arranged for co-operating with a security device (SD) as 
20 claimed in Claim 1, characterized in that the receiver (REC) comprises a circuit (CON) fcM- 

retrieving the additional information (ADA) as indicated by the pointer. 

6. A data stream (DS) comprising information (INF) to which an access is 
manageable by means of a security device (SD), characterized in that the data stream (DS) 
includes a pointer (PO) for storage in the security device (SD), the pointer indicating a 

25 location (LO) from which additional data (ADA) may be obtained. 

7. A method of operating an information ddivery system which includes at 
least one security device (SD) for managing an access to information (INF), characterized in 
that said method comprises the step of providing the security device (SD) with a pointer (PO) 
indicating a location (LO) from which additional data (ADA) may be obtained. 
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FIG. 5 



